Forum Discussion
TLS cipher suites and ConfigMgr client notification channel
Recently discovered that when the ConfigMgr client connects to the MP on TCP 10123 the client is offering the following TLS cipher suites, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA which are considered weak. If these are disabled on the server the TLS handshake fails and the client will fall back to HTTP.
Are there any plans to use more secure ciphers in the future?
1 Reply
- Jason_Sandys
Microsoft
Hi silvermarkg_Personal,
Please file this using a frown in the console to get it added to our development lifecycle: https://docs.microsoft.com/en-us/mem/configmgr/core/understand/product-feedback. Please ensure that you include the business scenario and motivation for needing this so that we can prioritize this request properly.
